EU US Privacy Shield: Changes for Data Processors and Exporters

Data privacy between United States (US) and European Union (EU) companies has a new option formally named the EU-U.S. Privacy Shield which was adopted by the European Commission on July 12, 2016. This replaces the Safe Harbor Privacy Principles which were overturned on October 6, 2015 by the European Court of Justice.

Do I need to change to the privacy shield regulations now or can I stick to the model clauses?

At Jungle Disk we have our data privacy counsel investigating the industry reception for the new Privacy Shield. Today we provide our EU customers the ability to store their data in Amazon Web Services EU (Ireland) and we provide a Standard Contractual Clauses agreement for Data Processors and Data Exporters (PDF download). The Privacy Shield pact does not invalidate any Model Clause agreement between an EU and U.S. entity so you do not need to make a change today.

When will U.S. companies start offering Privacy Shield for protection of personal data?

The United States Department of Commerce published a Fact Sheet on July 12, 2016 (PDF Download) outlining the self-certification process available via the Privacy Shield Framework starting in August of this year. We’ll continue to review and then decide if we’ll add the Privacy Shield Framework alongside our Model Clauses agreements.

Should I read more about this?

This topic is actively covered in news outlets. Our team recommends the following articles and fact sheets if you want to do more research on your own: